The issue is when the host has been updated with microcode for Spectre
but qemu has _not_ been updated. In this scenario (as an example),
'virsh capabilities' shows the host cpu model as IvyBridge-IBRS, which is
correct. However, 'virsh domcapabilities' shows IvyBridge as the host-model
and does not show any of the '-IBRS' flavors available under the custom model,
which is also correct since the qemu does not have Spectre patches.
For example,
<cpu mode="custom" match="exact">
<model>IvyBridge-IBRS</model>
</cpu>
Starting an installation in the above scenario will fail because the
unpatched qemu doesn't understand '-IBRS'.
These patches verify that the host capabilities CPU model matches the
domain capabilities CPU model. If they differ, log a message and set
the CPU model to None.
Charles Arnold (2):
Add functionality to acquire the cpu model from the libvirt domain
capabilities
Lookup the domain capabilities CPU model and compare with the host
capabilities CPU model and if they are not equal set the guest's
CPU model to None.
virtinst/domcapabilities.py | 30 ++++++++++++++++++++++++++++++
virtinst/guest.py | 9 +++++++++
2 files changed, 39 insertions(+)
--
1.8.5.6
_______________________________________________
virt-tools-list mailing list
virt-tools-list@redhat.com
https://www.redhat.com/mailman/listinfo/virt-tools-list
